<?php 
include('header.php');
// get id from query_string
$id = isset($_GET['id']) ? $_GET['id'] : null;

// Check if the user gave an id in query_string or if an admin
if (($authrow['level'] == 0) && ($id != $authrow['id'])) { $id = $authrow['id']; }
if (!$_SERVER['QUERY_STRING']) { $id = $authrow['id'];}

// get posted var and insert into database (Update name)
if (isset($_POST['name'])) {
        $name = $_POST['name'];
	$id = $_POST['id'];
        mysql_query('UPDATE user SET name=\'' . $name . '\' WHERE id=' . $id);
	$msg = '<div class="updated">User Profile updated.</div>';
}

// get posted var and insert into database (update email addr)
if (isset($_POST['emailaddr'])) {
        $emailaddr = $_POST['emailaddr'];
	$id = $_POST['id'];
        mysql_query('UPDATE user SET emailaddr=\'' . $emailaddr . '\' WHERE id=' . $id);
	$msg = '<div class="updated">User Profile Updated.</div>';
}

// get posted var and insert into database (update email notifications)
if (isset($_POST['getemail'])) {
        $getemail = $_POST['getemail'];
	$id = $_POST['id'];
        mysql_query('UPDATE user set getemail=' . $getemail . ' WHERE id=' . $id);
	$msg = '<div class="updated">User Profile Updated.</div>';
}

// Select user info from database
$user = mysql_query('SELECT * FROM user WHERE id=' . $id); 

$user_info = mysql_fetch_array($user);

// Set vars
$username = $user_info['username'];
$name = $user_info['name'];
$emailaddr = $user_info['emailaddr'];
$getemail = $user_info['getemail'];
?>

<h2><?php echo $username; ?> Extended User Information</h2>
<?php if (isset($msg)) { echo $msg; } // echo message if is set ?>
<hr />
<h3></h3>
<form action="usrinfo.php" method="post">
	<table class="mediumtable">
	        <tbody>
	                <tr class="row1">
				<td>Name:</td>
				<td><input name="name" type="text" value="<?php echo $name; ?>" size="32" /></td>
			</tr>
			<tr class="row2">
				<td>Email Address:</td>
				<td><input name="emailaddr" type="text" value="<?php echo $emailaddr; ?>" size="32" /></td>
			</tr>
			<tr class="row1">
				<td>Receive Email Alerts:</td>
				<td><select name="getemail">
					<option value="0" <?php if ($getemail == 0) { echo 'selected="selected"'; } ?>>No</option>
					<option value="1" <?php if ($getemail == 1) { echo 'selected="selected"'; } ?> >Yes</option>
				</select></td>
			</tr>
			<tr class="row2">
				<td><input type="submit" value="Submit" /></td>
				<td><input type="reset" value="Reset" /></td>
			</tr>
		</tbody>
	</table>
	<input type="hidden" name="id" value="<?php echo $id; ?>" />
</form>

<br />
<hr />

<?php include('footer.php'); ?>
